KB18054 - Network Connect fails to connect with "Could not connect to Secure Gateway because the certificate is invalid or not trusted by the client system" (nc.windows.app.23793)

Information

This article describes an issue where Network Connect fails to connect with the message "Could not connect to Secure Gateway because the certificate is invalid or not trusted by the client system".

Problem or Goal

When connecting with Network Connect, the end user may receive the error message:

Could not connect to Secure Gateway because the certificate is invalid or not
trusted by the client system. Click OK to exit NC and Sign in to Secure Gateway
again. If problem persists, please contact administrator.

Pulse Connect Secure is configured with self-signed certificate or does not have the complete certificate chain installed

Solution

To resolve this issue, please use the ssl installation checker at https://cryptoreport.websecurity.symantec.com/checker/ to check if the proper certificate chain is installed. If the complete chain is not installed, please contact the certificate authority to obtain the proper intermediate certificates.

Once the proper files are obtained, perform the following steps:

Login in the admin console

Navigate to Configuration > Certificates > Device Certificates

At the top of the screen, click Intermediate CAs link

From the Intermediate CA page, click Import CA Certificate

Click Browse and navigate to the Intermediate certificate file saved

Click Import Certificate

​If there are multiple intermediate certificates, repeat steps 4 to 6 for each file.

Note: Pulse Secure does not recommend installing a self-signed certificate on a production device besides the initial configuration. If a self-signed certificate is used for testing, the self-signed certificate will need to be manually installed as a trusted root certificate on each endpoint.